packages/mysql5
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
mysql5/mysql-5.7.27/mysql-test/r/plugin_auth.result

767 lines
34 KiB
Plaintext
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

CALL mtr.add_suppression("Plugin test_plugin_server reported: 'Wrong password supplied for plug_dest'");
SELECT PLUGIN_STATUS, PLUGIN_TYPE, PLUGIN_DESCRIPTION
FROM INFORMATION_SCHEMA.PLUGINS WHERE PLUGIN_NAME='test_plugin_server';
PLUGIN_STATUS ACTIVE
PLUGIN_TYPE AUTHENTICATION
PLUGIN_DESCRIPTION plugin API test plugin
SET @old_log_output= @@global.log_output;
SET @old_general_log= @@global.general_log;
SET GLOBAL log_output = 'TABLE';
SET GLOBAL general_log= 'ON';
CREATE USER plug IDENTIFIED WITH 'test_plugin_server' AS 'plug_dest';
CREATE USER plug_dest IDENTIFIED BY 'plug_dest_passwd';
SELECT plugin,authentication_string FROM mysql.user WHERE User='plug';
plugin authentication_string
test_plugin_server plug_dest
## test plugin auth
ERROR 28000: Access denied for user 'plug'@'localhost' (using password: YES)
GRANT PROXY ON plug_dest TO plug;
test proxies_priv columns
SELECT * FROM mysql.proxies_priv WHERE user !='root';
Host User Proxied_host Proxied_user With_grant Grantor Timestamp
xx plug % plug_dest 0 root@localhost xx
test mysql.proxies_priv;
SHOW CREATE TABLE mysql.proxies_priv;
Table Create Table
proxies_priv CREATE TABLE `proxies_priv` (
`Host` char(60) COLLATE utf8_bin NOT NULL DEFAULT '',
`User` char(32) COLLATE utf8_bin NOT NULL DEFAULT '',
`Proxied_host` char(60) COLLATE utf8_bin NOT NULL DEFAULT '',
`Proxied_user` char(32) COLLATE utf8_bin NOT NULL DEFAULT '',
`With_grant` tinyint(1) NOT NULL DEFAULT '0',
`Grantor` char(93) COLLATE utf8_bin NOT NULL DEFAULT '',
`Timestamp` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
PRIMARY KEY (`Host`,`User`,`Proxied_host`,`Proxied_user`),
KEY `Grantor` (`Grantor`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin COMMENT='User proxy privileges'
select USER(),CURRENT_USER();
USER() CURRENT_USER()
plug@localhost plug_dest@%
## test SET PASSWORD
Setting password is allowed but it won't affect the authentication mechanism.
SET PASSWORD = 'plug_dest';
Warnings:
Note 1699 SET PASSWORD has no significance for user 'plug'@'%' as authentication plugin does not support it.
## test bad credentials
ERROR 28000: Access denied for user 'plug'@'localhost' (using password: YES)
## test bad default plugin : should get CR_AUTH_PLUGIN_CANNOT_LOAD
## test correct default plugin
select USER(),CURRENT_USER();
USER() CURRENT_USER()
plug@localhost plug_dest@%
## test no_auto_create_user sql mode with plugin users
SET @@sql_mode=no_auto_create_user;
GRANT INSERT ON TEST.* TO grant_user IDENTIFIED WITH 'test_plugin_server';
ERROR 42000: Can't find any matching row in the user table
GRANT INSERT ON TEST.* TO grant_user IDENTIFIED WITH 'test_plugin_server' BY '123';
Warnings:
Warning 1287 Using GRANT for creating new user is deprecated and will be removed in future release. Create new user with CREATE USER statement.
SET @@sql_mode=default;
DROP USER grant_user;
## test utf-8 user name
CREATE USER `Ÿ` IDENTIFIED WITH 'test_plugin_server' AS 'plug_dest';
GRANT PROXY ON plug_dest TO `Ÿ`;
select USER(),CURRENT_USER();
USER() CURRENT_USER()
Ÿ@localhost plug_dest@%
DROP USER `Ÿ`;
## test GRANT ... IDENTIFIED WITH/BY ...
CREATE DATABASE test_grant_db;
# create new user via GRANT WITH
GRANT ALL PRIVILEGES ON test_grant_db.* TO new_grant_user
IDENTIFIED WITH 'test_plugin_server' AS 'plug_dest';
Warnings:
Warning 1287 Using GRANT for creating new user is deprecated and will be removed in future release. Create new user with CREATE USER statement.
GRANT PROXY ON plug_dest TO new_grant_user;
select USER(),CURRENT_USER();
USER() CURRENT_USER()
new_grant_user@localhost plug_dest@%
USE test_grant_db;
CREATE TABLE t1 (a INT);
DROP TABLE t1;
REVOKE ALL PRIVILEGES ON test_grant_db.* FROM new_grant_user;
# try re-create existing user via GRANT IDENTIFIED BY
GRANT ALL PRIVILEGES ON test_grant_db.* TO new_grant_user
IDENTIFIED BY 'unused_password';
# make sure password doesn't take precendence
ERROR 28000: Access denied for user 'new_grant_user'@'localhost' (using password: YES)
#make sure plugin auth still available
select USER(),CURRENT_USER();
USER() CURRENT_USER()
new_grant_user@localhost plug_dest@%
USE test_grant_db;
CREATE TABLE t1 (a INT);
DROP TABLE t1;
DROP USER new_grant_user;
REVOKE SELECT on test_grant_db.* FROM joro
INDENTIFIED WITH 'test_plugin_server' AS 'plug_dest';
ERROR 42000: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'INDENTIFIED WITH 'test_plugin_server' AS 'plug_dest'' at line 2
REVOKE SELECT on test_grant_db.* FROM joro
INDENTIFIED BY 'plug_dest_passwd';
ERROR 42000: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'INDENTIFIED BY 'plug_dest_passwd'' at line 2
REVOKE SELECT on test_grant_db.* FROM joro
INDENTIFIED BY PASSWORD 'plug_dest_passwd';
ERROR 42000: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'INDENTIFIED BY PASSWORD 'plug_dest_passwd'' at line 2
DROP DATABASE test_grant_db;
## GRANT PROXY tests
SELECT @@global.check_proxy_users;
@@global.check_proxy_users
0
SELECT @@global.mysql_native_password_proxy_users;
@@global.mysql_native_password_proxy_users
0
SELECT @@global.sha256_password_proxy_users;
@@global.sha256_password_proxy_users
0
SET @@global.check_proxy_users=ON;
SET @@global.mysql_native_password_proxy_users=ON;
SET @@global.sha256_password_proxy_users=ON;
CREATE USER grant_plug IDENTIFIED WITH 'test_plugin_server'
AS 'grant_plug_dest';
CREATE USER grant_plug_dest IDENTIFIED BY 'grant_plug_dest_passwd';
CREATE USER grant_plug_dest2 IDENTIFIED BY 'grant_plug_dest_passwd2';
# ALL PRIVILEGES doesn't include PROXY
GRANT ALL PRIVILEGES ON *.* TO grant_plug;
ERROR 28000: Access denied for user 'grant_plug'@'localhost' (using password: YES)
GRANT ALL PRIVILEGES,PROXY ON grant_plug_dest TO grant_plug;
ERROR 42000: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'PROXY ON grant_plug_dest TO grant_plug' at line 1
this should fail : can't combine PROXY
GRANT ALL SELECT,PROXY ON grant_plug_dest TO grant_plug;
ERROR 42000: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'SELECT,PROXY ON grant_plug_dest TO grant_plug' at line 1
# this should fail : no such grant
REVOKE PROXY ON grant_plug_dest FROM grant_plug;
ERROR 42000: There is no such grant defined for user 'grant_plug' on host '%'
in grant_plug_dest_con
## testing what an ordinary user can grant
this should fail : no rights to grant all
GRANT PROXY ON ''@'' TO grant_plug;
ERROR 28000: Access denied for user 'grant_plug_dest'@'localhost'
this should fail : not the same user
GRANT PROXY ON grant_plug TO grant_plug_dest;
ERROR 28000: Access denied for user 'grant_plug_dest'@'localhost'
This is a valid grant
GRANT PROXY ON grant_plug_dest TO grant_plug;
REVOKE PROXY ON grant_plug_dest FROM grant_plug;
this should work : same user
GRANT PROXY ON grant_plug_dest TO grant_plug_dest2;
REVOKE PROXY ON grant_plug_dest FROM grant_plug_dest2;
this should fail : not the same user
GRANT PROXY ON grant_plug_dest@localhost TO grant_plug WITH GRANT OPTION;
ERROR 28000: Access denied for user 'grant_plug_dest'@'localhost'
this should fail : not the same user
REVOKE PROXY ON grant_plug_dest@localhost FROM grant_plug;
ERROR 28000: Access denied for user 'grant_plug_dest'@'localhost'
this should fail : can't create users
GRANT PROXY ON grant_plug_dest TO grant_plug@localhost;
ERROR 42000: You are not allowed to create a user with GRANT
in default connection
# test what root can grant
should work : root has PROXY to all users
GRANT PROXY ON ''@'' TO grant_plug;
REVOKE PROXY ON ''@'' FROM grant_plug;
should work : root has PROXY to all users
GRANT PROXY ON ''@'' TO proxy_admin IDENTIFIED BY 'test'
WITH GRANT OPTION;
Warnings:
Warning 1287 Using GRANT for creating new user is deprecated and will be removed in future release. Create new user with CREATE USER statement.
need USAGE : PROXY doesn't contain it.
GRANT USAGE on *.* TO proxy_admin;
in proxy_admin_con;
should work : proxy_admin has proxy to ''@''
GRANT PROXY ON future_user TO grant_plug;
in default connection
SHOW GRANTS FOR grant_plug;
Grants for grant_plug@%
GRANT ALL PRIVILEGES ON *.* TO 'grant_plug'@'%'
GRANT PROXY ON 'future_user'@'%' TO 'grant_plug'@'%'
REVOKE PROXY ON future_user FROM grant_plug;
SHOW GRANTS FOR grant_plug;
Grants for grant_plug@%
GRANT ALL PRIVILEGES ON *.* TO 'grant_plug'@'%'
## testing drop user
CREATE USER test_drop@localhost;
GRANT PROXY ON future_user TO test_drop@localhost;
SHOW GRANTS FOR test_drop@localhost;
Grants for test_drop@localhost
GRANT USAGE ON *.* TO 'test_drop'@'localhost'
GRANT PROXY ON 'future_user'@'%' TO 'test_drop'@'localhost'
DROP USER test_drop@localhost;
SELECT * FROM mysql.proxies_priv WHERE Host = 'test_drop' AND User = 'localhost';
Host User Proxied_host Proxied_user With_grant Grantor Timestamp
DROP USER proxy_admin;
DROP USER grant_plug,grant_plug_dest,grant_plug_dest2;
## END GRANT PROXY tests
## cleanup
DROP USER plug;
DROP USER plug_dest;
## @@proxy_user tests
CREATE USER plug IDENTIFIED WITH 'test_plugin_server' AS 'plug_dest';
CREATE USER plug_dest IDENTIFIED BY 'plug_dest_passwd';
GRANT PROXY ON plug_dest TO plug;
SELECT USER(),CURRENT_USER(),@@LOCAL.proxy_user;
USER() CURRENT_USER() @@LOCAL.proxy_user
root@localhost root@localhost NULL
SELECT @@GLOBAL.proxy_user;
ERROR HY000: Variable 'proxy_user' is a SESSION variable
SELECT @@LOCAL.proxy_user;
@@LOCAL.proxy_user
NULL
SET GLOBAL proxy_user = 'test';
ERROR HY000: Variable 'proxy_user' is a read only variable
SET LOCAL proxy_user = 'test';
ERROR HY000: Variable 'proxy_user' is a read only variable
SELECT @@LOCAL.proxy_user;
@@LOCAL.proxy_user
NULL
# in connection plug_con
SELECT @@LOCAL.proxy_user;
@@LOCAL.proxy_user
'plug'@'%'
# in connection default
SET @@global.check_proxy_users=0;
SET @@global.mysql_native_password_proxy_users=0;
SET @@global.sha256_password_proxy_users=0;
## cleanup
DROP USER plug;
DROP USER plug_dest;
## END @@proxy_user tests
## @@external_user tests
CREATE USER plug IDENTIFIED WITH 'test_plugin_server' AS 'plug_dest';
CREATE USER plug_dest IDENTIFIED BY 'plug_dest_passwd';
GRANT PROXY ON plug_dest TO plug;
SELECT USER(),CURRENT_USER(),@@LOCAL.external_user;
USER() CURRENT_USER() @@LOCAL.external_user
root@localhost root@localhost NULL
SELECT @@GLOBAL.external_user;
ERROR HY000: Variable 'external_user' is a SESSION variable
SELECT @@LOCAL.external_user;
@@LOCAL.external_user
NULL
SET GLOBAL external_user = 'test';
ERROR HY000: Variable 'external_user' is a read only variable
SET LOCAL external_user = 'test';
ERROR HY000: Variable 'external_user' is a read only variable
SELECT @@LOCAL.external_user;
@@LOCAL.external_user
NULL
# in connection plug_con
SELECT @@LOCAL.external_user;
@@LOCAL.external_user
plug_dest
# in connection default
WL#5706 -- show the above got logged/rewritten correctly
SELECT argument FROM mysql.general_log WHERE argument LIKE CONCAT('%IDENTIFIED ','WITH %');
argument
CREATE USER plug IDENTIFIED WITH 'test_plugin_server' AS 'plug_dest'
CREATE USER 'plug_dest'@'%' IDENTIFIED WITH 'mysql_native_password' AS '<secret>'
GRANT INSERT ON TEST.* TO grant_user IDENTIFIED WITH 'test_plugin_server'
GRANT INSERT ON `TEST`.* TO 'grant_user'@'%' IDENTIFIED WITH 'test_plugin_server' AS '<secret>'
CREATE USER `Ÿ` IDENTIFIED WITH 'test_plugin_server' AS 'plug_dest'
GRANT ALL PRIVILEGES ON test_grant_db.* TO new_grant_user
IDENTIFIED WITH 'test_plugin_server' AS 'plug_dest'
GRANT ALL PRIVILEGES ON `test_grant_db`.* TO 'new_grant_user'@'%' IDENTIFIED WITH 'mysql_native_password' AS '<secret>'
CREATE USER grant_plug IDENTIFIED WITH 'test_plugin_server'
AS 'grant_plug_dest'
CREATE USER 'grant_plug_dest'@'%' IDENTIFIED WITH 'mysql_native_password' AS '<secret>'
CREATE USER 'grant_plug_dest2'@'%' IDENTIFIED WITH 'mysql_native_password' AS '<secret>'
GRANT PROXY ON ''@'' TO 'proxy_admin'@'%' IDENTIFIED WITH 'mysql_native_password' AS '<secret>' WITH GRANT OPTION
CREATE USER plug IDENTIFIED WITH 'test_plugin_server' AS 'plug_dest'
CREATE USER 'plug_dest'@'%' IDENTIFIED WITH 'mysql_native_password' AS '<secret>'
CREATE USER plug IDENTIFIED WITH 'test_plugin_server' AS 'plug_dest'
CREATE USER 'plug_dest'@'%' IDENTIFIED WITH 'mysql_native_password' AS '<secret>'
## cleanup
DROP USER plug;
DROP USER plug_dest;
SET GLOBAL log_output= @old_log_output;
SET GLOBAL general_log= @old_general_log;
## END @@external_user tests
#
# Bug #56798 : Wrong credentials assigned when using a proxy user.
#
set @orig_sql_mode = @@sql_mode;
set sql_mode=(select replace(@@sql_mode,'NO_AUTO_CREATE_USER',''));
Warnings:
Warning 3090 Changing sql mode 'NO_AUTO_CREATE_USER' is deprecated. It will be removed in a future release.
GRANT ALL PRIVILEGES ON *.* TO power_user;
Warnings:
Warning 1287 Using GRANT for creating new user is deprecated and will be removed in future release. Create new user with CREATE USER statement.
set sql_mode= @orig_sql_mode;
Warnings:
Warning 3090 Changing sql mode 'NO_AUTO_CREATE_USER' is deprecated. It will be removed in a future release.
GRANT USAGE ON anonymous_db.* TO ''@''
IDENTIFIED WITH 'test_plugin_server' AS 'power_user';
Warnings:
Warning 1287 Using GRANT for creating new user is deprecated and will be removed in future release. Create new user with CREATE USER statement.
GRANT PROXY ON power_user TO ''@'';
CREATE DATABASE confidential_db;
SELECT user(),current_user(),@@proxy_user;
user() current_user() @@proxy_user
test_login_user@localhost power_user@% ''@''
DROP USER power_user;
DROP USER ''@'';
DROP DATABASE confidential_db;
# Test case #2 (crash with double grant proxy)
CREATE USER ''@'' IDENTIFIED WITH 'test_plugin_server' AS 'standard_user';
CREATE USER standard_user;
CREATE DATABASE shared;
GRANT ALL PRIVILEGES ON shared.* TO standard_user;
GRANT PROXY ON standard_user TO ''@'';
#should not crash
GRANT PROXY ON standard_user TO ''@'';
DROP USER ''@'';
DROP USER standard_user;
DROP DATABASE shared;
#
# Bug #57551 : Live upgrade fails between 5.1.52 -> 5.5.7-rc
#
CALL mtr.add_suppression("Missing system table mysql.proxies_priv.");
DROP TABLE mysql.proxies_priv;
# Must come back with mysql.proxies_priv absent.
# restart
SELECT * FROM mysql.proxies_priv;
ERROR 42S02: Table 'mysql.proxies_priv' doesn't exist
CREATE USER u1@localhost;
GRANT ALL PRIVILEGES ON *.* TO u1@localhost;
REVOKE ALL PRIVILEGES ON *.* FROM u1@localhost;
GRANT ALL PRIVILEGES ON *.* TO u1@localhost;
CREATE USER u2@localhost;
GRANT ALL PRIVILEGES ON *.* TO u2@localhost;
# access denied because of no privileges to root
GRANT PROXY ON u2@localhost TO u1@localhost;
ERROR 28000: Access denied for user 'root'@'localhost'
# access denied because of no privileges to root
REVOKE PROXY ON u2@localhost FROM u1@localhost;
ERROR 28000: Access denied for user 'root'@'localhost'
# go try graning proxy on itself, so that it will need the table
GRANT PROXY ON u2@localhost TO u1@localhost;
ERROR 42S02: Table 'mysql.proxies_priv' doesn't exist
REVOKE PROXY ON u2@localhost FROM u1@localhost;
ERROR 42S02: Table 'mysql.proxies_priv' doesn't exist
# test if REVOKE works without the proxies_priv table
REVOKE ALL PRIVILEGES ON *.* FROM u1@localhost, u2@localhost;
# test if DROP USER work without the proxies_priv table
DROP USER u1@localhost,u2@localhost;
# test if FLUSH PRIVILEGES works without the proxies_priv table
FLUSH PRIVILEGES;
mysql.columns_priv OK
mysql.db OK
mysql.engine_cost OK
mysql.event OK
mysql.func OK
mysql.general_log OK
mysql.gtid_executed OK
mysql.help_category OK
mysql.help_keyword OK
mysql.help_relation OK
mysql.help_topic OK
mysql.innodb_index_stats OK
mysql.innodb_table_stats OK
mysql.ndb_binlog_index OK
mysql.plugin OK
mysql.proc OK
mysql.procs_priv OK
mysql.proxies_priv OK
mysql.server_cost OK
mysql.servers OK
mysql.slave_master_info OK
mysql.slave_relay_log_info OK
mysql.slave_worker_info OK
mysql.slow_log OK
mysql.tables_priv OK
mysql.time_zone OK
mysql.time_zone_leap_second OK
mysql.time_zone_name OK
mysql.time_zone_transition OK
mysql.time_zone_transition_type OK
mysql.user OK
mtr.global_suppressions OK
mtr.test_suppressions OK
sys.sys_config OK
SELECT Host,User,Proxied_host,Proxied_user,With_grant FROM mysql.proxies_priv;
Host localhost
User root
Proxied_host
Proxied_user
With_grant 1
FLUSH PRIVILEGES;
#
# Bug#58139 : default-auth option not recognized in MySQL standard
# command line clients
#
# Executing 'mysql'
1
1
# Executing 'mysqladmin'
mysqld is alive
# Executing 'mysqldump'
# Executing 'mysql_upgrade'
The --upgrade-system-tables option was used, databases won't be touched.
#
# Bug #59657: Move the client authentication_pam plugin into the
# server repository
#
CREATE USER uplain@localhost IDENTIFIED WITH 'cleartext_plugin_server'
AS 'cleartext_test';
## test plugin auth
ERROR 28000: Access denied for user 'uplain'@'localhost' (using password: YES)
select USER(),CURRENT_USER();
USER() CURRENT_USER()
uplain@localhost uplain@localhost
DROP USER uplain@localhost;
#
# Bug #59038 : mysql.user.authentication_string column
# causes configuration wizard to fail
INSERT INTO mysql.user(
Host,
User,
Select_priv,
Insert_priv,
Update_priv,
Delete_priv,
Create_priv,
Drop_priv,
Reload_priv,
Shutdown_priv,
Process_priv,
File_priv,
Grant_priv,
References_priv,
Index_priv,
Alter_priv,
Show_db_priv,
Super_priv,
Create_tmp_table_priv,
Lock_tables_priv,
Execute_priv,
Repl_slave_priv,
Repl_client_priv,
/*!50001
Create_view_priv,
Show_view_priv,
Create_routine_priv,
Alter_routine_priv,
Create_user_priv,
*/
ssl_type,
ssl_cipher,
x509_issuer,
x509_subject,
max_questions,
max_updates,
max_connections)
VALUES (
'localhost',
'inserttest',
'Y', 'Y', 'Y', 'Y', 'Y', 'Y', 'Y', 'Y', 'Y', 'Y', 'Y', 'Y',
'Y', 'Y', 'Y', 'Y', 'Y', 'Y', 'Y', 'Y', 'Y',
/*!50001 'Y', 'Y', 'Y', 'Y', 'Y', */'', '', '', '', '0', '0', '0');
FLUSH PRIVILEGES;
DROP USER inserttest@localhost;
SELECT IS_NULLABLE, COLUMN_NAME FROM INFORMATION_SCHEMA.COLUMNS WHERE
COLUMN_NAME IN ('authentication_string', 'plugin') AND
TABLE_NAME='user' AND
TABLE_SCHEMA='mysql'
ORDER BY COLUMN_NAME;
IS_NULLABLE COLUMN_NAME
YES authentication_string
NO plugin
#
# Bug #11936829: diff. between mysql.user (authentication_string)
# in fresh and upgraded 5.5.11
#
SELECT IS_NULLABLE, COLUMN_NAME FROM INFORMATION_SCHEMA.COLUMNS
WHERE TABLE_SCHEMA= 'mysql' AND TABLE_NAME= 'user' AND
COLUMN_NAME IN ('plugin', 'authentication_string')
ORDER BY COLUMN_NAME;
IS_NULLABLE COLUMN_NAME
YES authentication_string
NO plugin
ALTER TABLE mysql.user MODIFY plugin char(64) DEFAULT '' NOT NULL;
ALTER TABLE mysql.user MODIFY authentication_string TEXT NOT NULL;
Run mysql_upgrade on a 5.5.10 external authentication column layout
mysql.columns_priv OK
mysql.db OK
mysql.engine_cost OK
mysql.event OK
mysql.func OK
mysql.general_log OK
mysql.gtid_executed OK
mysql.help_category OK
mysql.help_keyword OK
mysql.help_relation OK
mysql.help_topic OK
mysql.innodb_index_stats OK
mysql.innodb_table_stats OK
mysql.ndb_binlog_index OK
mysql.plugin OK
mysql.proc OK
mysql.procs_priv OK
mysql.proxies_priv OK
mysql.server_cost OK
mysql.servers OK
mysql.slave_master_info OK
mysql.slave_relay_log_info OK
mysql.slave_worker_info OK
mysql.slow_log OK
mysql.tables_priv OK
mysql.time_zone OK
mysql.time_zone_leap_second OK
mysql.time_zone_name OK
mysql.time_zone_transition OK
mysql.time_zone_transition_type OK
mysql.user OK
mtr.global_suppressions OK
mtr.test_suppressions OK
sys.sys_config OK
SELECT IS_NULLABLE, COLUMN_NAME FROM INFORMATION_SCHEMA.COLUMNS
WHERE TABLE_SCHEMA= 'mysql' AND TABLE_NAME= 'user' AND
COLUMN_NAME IN ('plugin', 'authentication_string')
ORDER BY COLUMN_NAME;
IS_NULLABLE COLUMN_NAME
YES authentication_string
NO plugin
#
# Bug #12610784: SET PASSWORD INCORRECTLY KEEP AN OLD EMPTY PASSWORD
#
CREATE USER bug12610784@localhost;
SET PASSWORD FOR bug12610784@localhost = 'secret';
ERROR 28000: Access denied for user 'bug12610784'@'localhost' (using password: NO)
DROP USER bug12610784@localhost;
#
# Bug # 11766641: 59792: BIN/MYSQL -UUNKNOWN -PUNKNOWN
# .-> USING PASSWORD: NO
# shoud contain "using password=yes"
mysql: [Warning] Using a password on the command line interface can be insecure.
ERROR 1045 (28000): Access denied for user 'unknown'@'localhost' (using password: YES)
# shoud contain "using password=no"
ERROR 1045 (28000): Access denied for user 'unknown'@'localhost' (using password: NO)
#
# Bug #12818542: PAM: ADDING PASSWORD FOR AN ACCOUNT DISABLES PAM
# AUTHENTICATION SETTINGS
#
CREATE USER bug12818542@localhost
IDENTIFIED WITH 'test_plugin_server' AS 'bug12818542_dest';
CREATE USER bug12818542_dest@localhost
IDENTIFIED BY 'bug12818542_dest_passwd';
GRANT PROXY ON bug12818542_dest@localhost TO bug12818542@localhost;
SELECT USER(),CURRENT_USER();
USER() CURRENT_USER()
bug12818542@localhost bug12818542_dest@localhost
SET PASSWORD = 'bruhaha';
Warnings:
Note 1699 SET PASSWORD has no significance for user 'bug12818542'@'localhost' as authentication plugin does not support it.
SELECT USER(),CURRENT_USER();
USER() CURRENT_USER()
bug12818542@localhost bug12818542_dest@localhost
DROP USER bug12818542@localhost;
DROP USER bug12818542_dest@localhost;
#
# Bug #12818542: PAM: ADDING PASSWORD FOR AN ACCOUNT DISABLES PAM
# AUTHENTICATION SETTINGS
#
CREATE USER bug12818542@localhost
IDENTIFIED WITH 'test_plugin_server' AS 'bug12818542_dest';
CREATE USER bug12818542_dest@localhost
IDENTIFIED BY 'bug12818542_dest_passwd';
GRANT PROXY ON bug12818542_dest@localhost TO bug12818542@localhost;
SELECT USER(),CURRENT_USER();
USER() CURRENT_USER()
bug12818542@localhost bug12818542_dest@localhost
SET PASSWORD = 'bruhaha';
Warnings:
Note 1699 SET PASSWORD has no significance for user 'bug12818542'@'localhost' as authentication plugin does not support it.
SELECT USER(),CURRENT_USER();
USER() CURRENT_USER()
bug12818542@localhost bug12818542_dest@localhost
DROP USER bug12818542@localhost;
DROP USER bug12818542_dest@localhost;
End of 5.5 tests
#
# Bug #18057562: PROXY USERS LOCKED OUT WHEN UNDERLYING PROXIED USER
# PASSWORD IS EXPIRED
#
# Restart server with disconnect_on_expired_password OFF;
CREATE USER 'empl_external'@'localhost' IDENTIFIED WITH test_plugin_server AS 'employee';
CREATE USER 'employee'@'localhost' IDENTIFIED BY 'passkey';
GRANT PROXY ON 'employee'@'localhost' TO 'empl_external'@'localhost';
# Expiring the proxied user's password
ALTER USER employee@localhost PASSWORD EXPIRE;
# Connecting with the proxied user and executing a query after the
# proxied user's password is expired
mysql: [Warning] Using a password on the command line interface can be insecure.
ERROR 1820 (HY000) at line 1: You must reset your password using ALTER USER statement before executing this statement.
# Connecting with the proxy user and executing a query after the proxied
# user's password is expired. Here we are not supposed to get error.
mysql: [Warning] Using a password on the command line interface can be insecure.
current_user()
employee@localhost
user()
empl_external@localhost
DROP USER 'empl_external'@'localhost', 'employee'@'localhost';
#
# Bug #20537246: SERVER CRASH WHILE CONNECTING WITH CLEARTEXT-PLUGIN
# USER WITH BLANK PWD
#
CREATE USER bug20537246@localhost
IDENTIFIED WITH 'cleartext_plugin_server' AS '';
## test connection
select USER(),CURRENT_USER();
USER() CURRENT_USER()
bug20537246@localhost bug20537246@localhost
DROP USER bug20537246@localhost;
#
# Bug #20599280 PASSWORD EXPIRED FLAG SET FOR PROXY USER SESSION WHEN
# IT SET FOR PROXIED USER
#
CREATE USER 'empl_external'@'localhost' IDENTIFIED WITH test_plugin_server AS 'employee';
CREATE USER 'employee'@'localhost' IDENTIFIED BY 'passkey';
GRANT ALL ON *.* TO 'employee'@'localhost';
GRANT PROXY ON 'employee'@'localhost' TO 'empl_external'@'localhost';
SELECT USER(), CURRENT_USER, @@PROXY_USER;
USER() CURRENT_USER @@PROXY_USER
empl_external@localhost employee@localhost 'empl_external'@'localhost'
ALTER USER 'employee'@'localhost' PASSWORD EXPIRE;
SELECT USER(), CURRENT_USER, @@PROXY_USER;
USER() CURRENT_USER @@PROXY_USER
empl_external@localhost employee@localhost 'empl_external'@'localhost'
SELECT USER(), CURRENT_USER, @@PROXY_USER;
USER() CURRENT_USER @@PROXY_USER
empl_external@localhost employee@localhost 'empl_external'@'localhost'
SELECT USER(), CURRENT_USER, @@PROXY_USER;
ERROR HY000: You must reset your password using ALTER USER statement before executing this statement.
DROP USER 'employee'@'localhost', 'empl_external'@'localhost';
#
# WL#2284: Increase the length of a user name
#
# Testing 32 proxy users
CREATE USER user_name_len_22_01234 IDENTIFIED WITH 'test_plugin_server' AS 'user_name_len_22_0dest';
CREATE USER user_name_len_22_0dest IDENTIFIED BY 'plug_dest_passwd';
SELECT plugin,authentication_string FROM mysql.user WHERE User='plug';
plugin authentication_string
## test plugin auth
ERROR 28000: Access denied for user 'user_name_len_22_01234'@'localhost' (using password: YES)
GRANT PROXY ON user_name_len_22_0dest TO user_name_len_22_01234;
test proxies_priv columns
SELECT * FROM mysql.proxies_priv WHERE user !='root';
Host User Proxied_host Proxied_user With_grant Grantor Timestamp
xx user_name_len_22_01234 % user_name_len_22_0dest 0 root@localhost xx
test mysql.proxies_priv;
SHOW CREATE TABLE mysql.proxies_priv;
Table Create Table
proxies_priv CREATE TABLE `proxies_priv` (
`Host` char(60) COLLATE utf8_bin NOT NULL DEFAULT '',
`User` char(32) COLLATE utf8_bin NOT NULL DEFAULT '',
`Proxied_host` char(60) COLLATE utf8_bin NOT NULL DEFAULT '',
`Proxied_user` char(32) COLLATE utf8_bin NOT NULL DEFAULT '',
`With_grant` tinyint(1) NOT NULL DEFAULT '0',
`Grantor` char(93) COLLATE utf8_bin NOT NULL DEFAULT '',
`Timestamp` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
PRIMARY KEY (`Host`,`User`,`Proxied_host`,`Proxied_user`),
KEY `Grantor` (`Grantor`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin COMMENT='User proxy privileges'
SELECT USER(),CURRENT_USER();
USER() CURRENT_USER()
user_name_len_22_01234@localhost user_name_len_22_0dest@%
SET NAMES utf8;
CREATE USER очень_очень_очень_длинный_юзер__ IDENTIFIED WITH 'test_plugin_server' AS 'очень_очень_очень_длинный_дест__';
CREATE USER очень_очень_очень_длинный_дест__ IDENTIFIED BY 'plug_dest_passwd';
SELECT plugin,authentication_string FROM mysql.user WHERE User='plug';
plugin authentication_string
## test plugin auth
ERROR 28000: Access denied for user 'очень_очень_очень_длинный_'@'localhost' (using password: YES)
GRANT PROXY ON очень_очень_очень_длинный_дест__ TO очень_очень_очень_длинный_юзер__;
test proxies_priv columns
SELECT * FROM mysql.proxies_priv WHERE user !='root';
Host User Proxied_host Proxied_user With_grant Grantor Timestamp
xx user_name_len_22_01234 % user_name_len_22_0dest 0 root@localhost xx
xx очень_очень_очень_длинный_юзер__ % очень_очень_очень_длинный_дест__ 0 root@localhost xx
test mysql.proxies_priv;
SHOW CREATE TABLE mysql.proxies_priv;
Table Create Table
proxies_priv CREATE TABLE `proxies_priv` (
`Host` char(60) COLLATE utf8_bin NOT NULL DEFAULT '',
`User` char(32) COLLATE utf8_bin NOT NULL DEFAULT '',
`Proxied_host` char(60) COLLATE utf8_bin NOT NULL DEFAULT '',
`Proxied_user` char(32) COLLATE utf8_bin NOT NULL DEFAULT '',
`With_grant` tinyint(1) NOT NULL DEFAULT '0',
`Grantor` char(93) COLLATE utf8_bin NOT NULL DEFAULT '',
`Timestamp` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
PRIMARY KEY (`Host`,`User`,`Proxied_host`,`Proxied_user`),
KEY `Grantor` (`Grantor`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin COMMENT='User proxy privileges'
SELECT USER(),CURRENT_USER();
USER() CURRENT_USER()
очень_очень_очень_длинный_юзер__@localhost очень_очень_очень_длинный_дест__@%
# Testing 32 proxy users cleanup
DROP USER user_name_len_22_01234;
DROP USER user_name_len_22_0dest;
DROP USER очень_очень_очень_длинный_юзер__;
DROP USER очень_очень_очень_длинный_дест__;
SET NAMES default;
# Testing 32 users with different authentication plugins
CREATE USER user_name_len_22_01234@localhost IDENTIFIED WITH 'sha256_password' BY 'auth_string';
SELECT CURRENT_USER();
CURRENT_USER()
user_name_len_22_01234@localhost
DROP USER user_name_len_22_01234@localhost;
CREATE USER user_name_len_32_012345678901234@localhost IDENTIFIED WITH 'mysql_native_password' BY 'auth_string';
SELECT CURRENT_USER();
CURRENT_USER()
user_name_len_32_012345678901234@localhost
DROP USER user_name_len_32_012345678901234@localhost;
CREATE USER user_name_len_32_012345678901234@localhost IDENTIFIED WITH 'cleartext_plugin_server' AS 'auth_string';
SELECT CURRENT_USER();
CURRENT_USER()
user_name_len_32_012345678901234@localhost
DROP USER user_name_len_32_012345678901234@localhost;
# Testing 32 users with different authentication plugins WITH REQUIRE SSL
CREATE USER user_name_len_22_01234@localhost IDENTIFIED WITH 'sha256_password' BY 'auth_string' REQUIRE SSL;
SELECT CURRENT_USER();
CURRENT_USER()
user_name_len_22_01234@localhost
DROP USER user_name_len_22_01234@localhost;
CREATE USER user_name_len_32_012345678901234@localhost IDENTIFIED WITH 'mysql_native_password' BY 'auth_string' REQUIRE SSL;
SELECT CURRENT_USER();
CURRENT_USER()
user_name_len_32_012345678901234@localhost
DROP USER user_name_len_32_012345678901234@localhost;
CREATE USER user_name_len_32_012345678901234@localhost IDENTIFIED WITH 'cleartext_plugin_server' AS 'auth_string' REQUIRE SSL;
SELECT CURRENT_USER();
CURRENT_USER()
user_name_len_32_012345678901234@localhost
DROP USER user_name_len_32_012345678901234@localhost;
# Testing 32 utf users with different authentication plugins
SET NAMES utf8;
CREATE USER очень_очень_очень_длинный_юзер__@localhost IDENTIFIED WITH 'sha256_password' BY 'auth_string';
SELECT CURRENT_USER();
CURRENT_USER()
очень_очень_очень_длинный_юзер__@localhost
DROP USER очень_очень_очень_длинный_юзер__@localhost;
CREATE USER очень_очень_очень_длинный_юзер__@localhost IDENTIFIED WITH 'mysql_native_password' BY 'auth_string';
SELECT CURRENT_USER();
CURRENT_USER()
очень_очень_очень_длинный_юзер__@localhost
DROP USER очень_очень_очень_длинный_юзер__@localhost;
CREATE USER очень_очень_очень_длинный_юзер__@localhost IDENTIFIED WITH 'cleartext_plugin_server' AS 'auth_string';
SELECT CURRENT_USER();
CURRENT_USER()
очень_очень_очень_длинный_юзер__@localhost
DROP USER очень_очень_очень_длинный_юзер__@localhost;
# Testing 32 utf users with different authentication plugins WITH REQUIRE SSL
CREATE USER очень_очень_очень_длинный_юзер__@localhost IDENTIFIED WITH 'sha256_password' BY 'auth_string' REQUIRE SSL;
SELECT CURRENT_USER();
CURRENT_USER()
очень_очень_очень_длинный_юзер__@localhost
DROP USER очень_очень_очень_длинный_юзер__@localhost;
CREATE USER очень_очень_очень_длинный_юзер__@localhost IDENTIFIED WITH 'mysql_native_password' BY 'auth_string' REQUIRE SSL;
SELECT CURRENT_USER();
CURRENT_USER()
очень_очень_очень_длинный_юзер__@localhost
DROP USER очень_очень_очень_длинный_юзер__@localhost;
CREATE USER очень_очень_очень_длинный_юзер__@localhost IDENTIFIED WITH 'cleartext_plugin_server' AS 'auth_string' REQUIRE SSL;
SELECT CURRENT_USER();
CURRENT_USER()
очень_очень_очень_длинный_юзер__@localhost
DROP USER очень_очень_очень_длинный_юзер__@localhost;
SET NAMES default;
Reference in New Issue View Git Blame Copy Permalink